CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

RedhatCVE•added 2025/12/10 3:26 a.m.•1 views

CVE-2025-66627

Wasmi is a WebAssembly interpreter focused on constrained and embedded systems. In versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2 and 1.0.0, Wasmi's linear memory implementation leads to a Use After Free vulnerability, triggered by a WebAssembly module under certain memory...

8.4CVSS7AI score0.00022EPSS

Exploits0References1

NVD•added 2025/12/09 4:18 p.m.•1 views

CVE-2025-66627

8.4CVSS0.00022EPSS

Exploits0References1

Vulnrichment•added 2025/12/09 2:52 a.m.•2 views

CVE-2025-66627 Wasmi's Linear Memory has a Critical Use After Free Vulnerability

8.4CVSS6.9AI score0.00022EPSS

Exploits0References1

OSV•added 2025/12/09 2:52 a.m.•1 views

CVE-2025-66627 Wasmi's Linear Memory has a Critical Use After Free Vulnerability

8.4CVSS7.2AI score0.00022EPSS

Exploits0References3

EUVD•added 2025/12/09 2:52 a.m.•1 views

EUVD-2025-201826

8.4CVSS6.7AI score0.00022EPSS

Exploits0References3

Cvelist•added 2025/12/09 2:52 a.m.•25 views

CVE-2025-66627 Wasmi's Linear Memory has a Critical Use After Free Vulnerability

8.4CVSS0.00022EPSS

Exploits0References1

CVE•added 2025/12/09 2:52 a.m.•5 views

CVE-2025-66627

CVE-2025-66627 affects Wasmi (WebAssembly interpreter for constrained/embedded systems). The issue is a Use-After-Free in Wasmi’s linear memory implementation triggered under certain memory growth conditions, potentially causing memory corruption, information disclosure, or code execution. Affect...

8.4CVSS6.8AI score0.00022EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/12/09 12:0 a.m.•1 views

Wasmi 资源管理错误漏洞

Wasmi is an open source WebAssembly interpreter for embedded systems from Wasmi Labs. A resource management error vulnerability exists in Wasmi versions 0.41.0, 0.41.1, 0.42.0 through 0.47.1, 0.50.0 through 0.51.2, and 1.0.0, which stems from a flaw in the implementation of linear memory that cou...

8.4CVSS6.4AI score0.00022EPSS

Exploits0References1

Positive Technologies•added 2025/12/09 12:0 a.m.•3 views

PT-2025-49777

8.4CVSS7.2AI score0.00022EPSS

Exploits0References1

vulnersOsv•added 2025/12/08 10:15 p.m.•6 views

wasmi_c_api_impl (=0.50.0), wasmi_runtime_layer (=0.50.0) potentially affected by CVE-2025-66627 via wasmi (=0.50.0)

wasmi CARGO version =0.50.0 is affected by a known vulnerability. The following packages have a transitive dependency on wasmi and may be impacted: - wasmicapiimpl =0.50.0 - wasmiruntimelayer =0.50.0 Source cves: CVE-2025-66627 Source advisory: OSV:GHSA-G4V2-CJQP-RFMQ...

8.4CVSS5.8AI score0.00022EPSS

Exploits0

vulnersOsv•added 2025/12/08 10:15 p.m.•2 views

pepl-codegen (>=0.1.1 <=0.1.2), pepl-compiler (>=0.1.1 <=0.1.2) +2 more potentially affected by CVE-2025-66627 via wasmi (>=0.42.1 <=0.46.0)

wasmi CARGO version =0.42.1, =0.1.1, =0.1.1, =0.42.0, =0.42.0, =0.46.0 Source cves: CVE-2025-66627 Source advisory: OSV:GHSA-G4V2-CJQP-RFMQ...

8.4CVSS5.8AI score0.00022EPSS

Exploits0

OSV•added 2025/12/08 10:15 p.m.•1 views

GHSA-G4V2-CJQP-RFMQ Critical Use-After-Free in Wasmi's Linear Memory

Summary A use-after-free vulnerability has been discovered in the linear memory implementation of Wasmi. This issue can be triggered by a WebAssembly module under certain memory growth conditions, potentially leading to memory corruption, information disclosure, or code execution. Impact -...

8.4CVSS7.2AI score0.00022EPSS

Exploits0References4

Github Security Blog•added 2025/12/08 10:15 p.m.•5 views

Critical Use-After-Free in Wasmi's Linear Memory

8.4CVSS7.3AI score0.00022EPSS

Exploits0References4Affected Software1

RedhatCVE•added 2025/02/05 12:56 a.m.•2 views

CVE-2024-28123

Wasmi is an efficient and lightweight WebAssembly interpreter with a focus on constrained and embedded systems. In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise if the host calls or resumes a Wasm function with more parameters than the default limit 128, as it will surpass the...

9.8CVSS6.8AI score0.00312EPSS

Exploits0References1

NVD•added 2024/03/21 2:52 a.m.•6 views

CVE-2024-28123

9.8CVSS7.1AI score0.00312EPSS

Exploits0References3

OSV•added 2024/03/08 9:29 p.m.•14 views

CVE-2024-28123 Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters

7.3CVSS6.6AI score0.00312EPSS

Exploits0References5

CVE•added 2024/03/08 9:29 p.m.•76 views

CVE-2024-28123

The CVE-2024-28123 issue affects Wasmi, a WebAssembly interpreter. The root cause is an out-of-bounds buffer write when the host calls or resumes a Wasm function with more than 128 parameters, causing stack overflow for host-to-Wasm calls (not for Wasm-to-Wasm). This vulnerability is addressed by...

9.8CVSS7.1AI score0.00312EPSS

Exploits0References3Affected Software1

OSV•added 2024/03/07 5:26 p.m.•12 views

GHSA-75JP-VQ8X-H4CQ Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters

Summary In the WASMI Interpreter, an Out-of-bounds Buffer Write will arise arise if the host calls or resumes a Wasm function with more parameters than the default limit 128, as it will surpass the stack value. This doesn’t affect calls from Wasm to Wasm, only from host to Wasm. Impact After...

7.3CVSS7.2AI score0.00312EPSS

Exploits0References5

Github Security Blog•added 2024/03/07 5:26 p.m.•19 views

Wasmi Out-of-bounds Write for host to Wasm calls with more than 128 Parameters

9.8CVSS7.3AI score0.00312EPSS

Exploits0References5Affected Software1

vulnersOsv•added 2024/03/07 5:26 p.m.•0 views

ardaku (=0.1.0), argon (=0.1.0) +10 more potentially affected by CVE-2024-28123 via wasmi (>=0.19.0 <=0.30.0)

wasmi CARGO version =0.19.0, =0.2.3, =0.2.3, =0.2.3, =0.1.0, =0.30.0 - wright =0.7.0 Source cves: CVE-2024-28123 Source advisory: OSV:GHSA-75JP-VQ8X-H4CQ...

9.8CVSS5.8AI score0.00312EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by